VDB

CVE-2018-11770

CVE-2018-11770 PUBLISHED CVSS 4.199999809265137 MEDIUM

org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability

EPSS 89.00% · 99.5th percentile

Risk Scores

CVSS v3.1
4.199999809265137
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS Score
89.00%
99.5th percentile

Affected Products

VendorProductVersions
Mavenorg.apache.spark:spark-core_2.111.0.0, 1.0.0, 1.0.0
Mavenorg.apache.spark:spark-core_2.101.0.0, 1.0.0, 1.0.0
Apache Software FoundationApache Spark1.3.0
apachespark1.3.0, 1.3.0, 1.3.0

Timeline

  • Jan 19, 1970 VulnCheck XDB Entry
  • Dec 12, 2017 Metasploit Module
  • Aug 13, 2018 CVE Published
  • Nov 29, 2018 PoC Published
  • Apr 14, 2021 EPSS Score
  • Jun 22, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 27, 2022 EPSS Score
  • Jul 2, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›